Skip to content

https between reverse proxy and server #4560

Answered by BlackDex
tlapik123 asked this question in Q&A
Discussion options

You must be logged in to vote

Yes, you can do https<>https between the reverse proxy and Vaultwarden.
If all nodes are in your control, then it might be overkill, but if someone could come in-between it could be useful. It just depends on how well you trust your environment.

If someone sniffs the traffic, they could see the encrypted passwords. But there shouldn't be anything crossing the wire which could be used to decrypt the data instantly. They would need to brute-force your master-password first, which is only sent as a hashed value.

They could see icon requests maybe which could disclose sites you have accounts on, but those probably also appear in the reverse proxy logs.

Replies: 1 comment 1 reply

Comment options

You must be logged in to vote
1 reply
@tlapik123
Comment options

Answer selected by tlapik123
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
2 participants